Level 30

Trust in two-factor authentication has slowly eroded in the last month after release of Amnesty International report and Modlishka tool.

A new penetration testing tool published at the start of the year by a security researcher can automate phishing attacks with an ease never seen before and can even blow through login operations for accounts protected by two-factor authentication (2FA).

Named Modlishka --the English pronunciation of the Polish word for mantis-- this new tool was created by Polish researcher Piotr Duszyński.

Modlishka is what IT professionals call a reverse proxy, but modified for handling traffic meant for login pages and phishing operations.

We use cookies to improve your browsing experience on our site, show personalized content and targeted ads, analyze site traffic, and understand where our audience is coming from.
By continuing to use this site, you are consenting to our use of cookies.